Skip to main content

Warning Message When Creating A Keystore

 Warning Message When Creating A Keystore


When we try to list the contents of the keystore, using the below command,


keytool -list -v -keystore adkeystore.dat

Enter keystore password:

Keystore type: JKS

Keystore provider: SUN


Your keystore contains 1 entry


Alias name: prod_apps002

Creation date: Jan 26, 2012

Entry type: PrivateKeyEntry

Certificate chain length: 1

Certificate[1]:

Owner: CN=PROD_apps002, OU=apps, O=apps002, C=US

Issuer: CN=PROD_apps002, OU=apps, O=apps002, C=US

Serial number: 4f208085

Valid from: Thu Jan 26 01:21:57 AST 2012 until: Tue Jan 16 01:21:57 AST 2052

Certificate fingerprints:

         MD5:  XX: XX XX XX

         SHA1:  XX: XX XX XX

         SHA256:  XX: XX XX XX

Signature algorithm name: SHA1withDSA

Subject Public Key Algorithm: 1024-bit DSA key

Version: 3



*******************************************

*******************************************




Warning:

The JKS keystore uses a proprietary format. It is recommended to migrate to PKCS12 which is an industry standard format using "keytool -importkeystore -srckeystore adkeystore.dat  -destkeystore adkeystore.dat -deststoretype pkcs12".

======================================================================

Solution:

According to following, error started with Java 1.8.0_151 and later:

http://www.oracle.com/technetwork/java/javase/8u151-relnotes-3850493.html 

"October 17, 2017"

"security-libs/java.security

Add warnings to keytool when using JKS and JCEKS

When keytool is operating on a JKS or JCEKS keystore, a warning may be shown
that the keystore uses a proprietary format and migrating to PKCS12 is
recommended. The keytool's -importkeystore command is also updated so that it
can convert a keystore from one type to another if the source and destination
point to the same file.

The warning could be ignored. It's due to new version of java.

There is no way to suppress these warning messages. There is way you can do it by setting the log level lower than warning, but which is not recommended.
The bug says all that you can do is ignore these warning messages.


Reference:

2376435.1

Comments

Post a Comment

Popular posts from this blog

CLEARING an ADOP patching session

In some case adop prepare phase fails due to some issues and if you wish to apply any patch in hotpatch mode, it will fail with below errors [STATEMENT] There is already a session which is incomplete. Details are: [STATEMENT]     Session Id: 2 [STATEMENT]     Prepare phase status: R [STATEMENT]     Apply phase status: N [STATEMENT]     Cutover  phase status: N [STATEMENT]     Abort phase status: N [STATEMENT]     Session status: F [ERROR]     Cannot apply hotpatch as another online patching cycle is going on [ERROR]     Unrecoverable error occured. Exiting the current session. [STATEMENT] [START 2019/10/22 16:13:00] Unlocking sessions table [STATEMENT] [END   2019/10/22 16:13:00] Unlocking sessions table [STATEMENT] Log file: /adop_20191022_161221.log [STATEMENT] [START 2019/10/22 16:13:02] Unlocking sessions table [STATEMENT] [E...
4 comments
Read more

How to Install XClock on Linux

 How to Install XClock on Linux Enable snaps on Red Hat Enterprise Linux and install xclock-simosx Snaps are applications packaged with all their dependencies to run on all popular Linux distributions from a single build. They update automatically and roll back gracefully. Snaps are discoverable and installable from the  Snap Store , an app store with an audience of millions. Follow the below link for the detailed steps https://snapcraft.io/install/xclock-simosx/rhel
Post a Comment
Read more